<?php
include '../connect.php';
session_start();

$username=$_GET['username'];
$password=$_GET['password'];

$sql="select * from qq where username ='$username';";
$result=mysqli_query($link,$sql);

$dbusername=null;

$dbpassword=null;
while ($row=mysqli_fetch_array($result)) {//while循环将$result中的结果找出来

    $dbusername=$row["username"];

    $dbpassword=$row["password"];

}

if (is_null($dbusername)){
    ?>

<script type="text/javascript">

    alert("用户名不存在");

    window.location.href="../index.php";

</script>

    <?php

}

else {
    if ($dbpassword!=$password){//当对应密码不对时跳回index.html界面

        ?>

        <script type="text/javascript">

            alert("密码错误");

            window.location.href="../index.php";

        </script>

        <?php
    }
else {

$_SESSION["username"]=$username;

$_SESSION["code"]=mt_rand(0, 100000);//给session附一个随机值，防止用户直接通过调用界面访问welcome.php

?>

    <script type="text/javascript">

        window.location.href="../welcome.php";

    </script>

    <?php

}

}

mysqli_close($link);//关闭数据库连接，如不关闭，下次连接时会出错

?>


